Web Application Security News
January 17, 2017
Researchers saw a Gmail phishing campaign in the wild using clever tricks to access accounts including a difficult 2FA bypass only possible in real-time.
January 13, 2017
New Microsoft privacy tools will give users control over the data collected on the web and within Windows. Experts hope the tools will offer data privacy transparency.
December 14, 2016
A new Certificate Transparency Monitoring tool from Facebook may help webmasters track and vet TLS certificates, as well as improve integrity and security for HTTPS traffic.
July 27, 2016
Problems with LastPass security might have been improperly disclosed, putting user passwords at higher risk, but the flaws have already been fixed, with an update rolling out now.
Web Application Security Get Started
Bring yourself up to speed with our introductory content
Secure Sockets Layer (SSL) is a computer networking protocol for securing connections between network application clients and servers over an insecure network, such as the internet.
Switching to a DevSecOps model in software development offers many benefits, but combining security and DevOps takes knowledge, forethought and planning.
A buffer overflow occurs when a program attempts to write more data to a fixed-length block of memory, or buffer, than the buffer is allocated to hold. Buffer overflow exploits may enable remote execution of malicious code or denial of service ...
Evaluate Web Application Security Vendors & Products
Weigh the pros and cons of technologies, products and projects you are considering.
The remote administration Ammyy Admin software was repeatedly found to be spreading different types of malware. Expert Nick Lewis explains how enterprises should protect themselves.
This guide explains the technology and the key features an effective system should include to help readers evaluate fraud detection products and choose the best for their company.
Web fraud detection systems are designed to minimize the threat of online payment fraud. While the fraud rate has not been growing, it is still significant and financial institutions take a hit for money lost. Payment fraud detection involves ...
Manage Web Application Security
Learn to apply best practices and optimize your operations.
SSL attacks such as Heartbleed, POODLE and Shellshock have placed countless enterprises at risk. Learn how these different attacks work, and how they can be prevented or mitigated.
Enterprises can't avoid dealing with cloud-based application security any longer. Expert Dejan Lukan discusses the challenges and why they're not as bad as they seem.
SSL subscription services are emerging to help enterprises handle the daunting task of SSL certificate management. Expert Michael Cobb discusses the benefits of such a service.
Problem Solve Web Application Security Issues
We’ve gathered up expert advice and tips from professionals like you so that the answers you need are always available.
C&C servers have been replaced with Twitter accounts, which spread the Android Trojan Twitoor to user devices. Expert Michael Cobb explains how to stop this attack.
DevOps is a process aimed at creating and updating applications quickly and, traditionally, it has lacked effective security controls. The software that was created too often contained vulnerabilities right from the start. Combining DevOps and ...
Web application security vulnerabilities can exist from browser to SSL/TLS. Expert Brad Causey explains how application security testing and Web application firewalls can address this.